It also sends every url you visit to HNSearch, which a lot of people were unhappy with from a privacy perspective. My extension sends MD5(url), which makes it nearly impossible for me to track someones browsing behavior.
You're kidding, right? In order to tell if there is a HN thread about the page, you also MD5(url) all HN threads. If you find a match, you send the thread to the user. Therefore, you know the user is visiting the url the HN thread is about!
Let's not even talk about how cheap it is to test for MD5 collisions against popular urls, or the how easy it is to determine if the user has visited an arbitrary url.
It was mostly a vehicle for me to learn coffeescript & node.js, so it's got some rough edges.